1 00:00:00,960 --> 00:00:09,510 Hi, within this section we're going to solve a new CTF, which is called Wakanda, and it resides under 2 00:00:09,630 --> 00:00:16,530 vulnhub.com, which is a fantastic website, because there are a couple of, actually there are hundreds 3 00:00:16,530 --> 00:00:19,050 of virtual machines over here. 4 00:00:19,620 --> 00:00:25,220 Of course, they are vulnerable machines and this website is completely free. 5 00:00:25,500 --> 00:00:27,540 So we're going to start with those. 6 00:00:27,840 --> 00:00:30,080 We're going to take a look at a couple of those. 7 00:00:30,090 --> 00:00:32,440 And the first of which is going to be Wakanda. 8 00:00:32,940 --> 00:00:41,610 So this is a movie, maybe you know that, the Black Panther movie, and I didn't even watch the movie, 9 00:00:41,880 --> 00:00:46,500 but we're going to try and solve this CTF together, OK? 10 00:00:46,800 --> 00:00:54,960 So if you search for Wakanda, then you'll just find this machine over here, this is released in five 11 00:00:54,960 --> 00:00:58,040 of August, 5th of August 2018. 12 00:00:58,350 --> 00:01:01,950 And as you can see, there are a couple of download mirrors over here. 13 00:01:02,280 --> 00:01:03,690 I just download one. 14 00:01:03,880 --> 00:01:10,530 OK, so it downloads an OVA file so that you can run it easily on your VirtualBox. 15 00:01:10,980 --> 00:01:13,310 And here we have a description. 16 00:01:13,470 --> 00:01:17,020 It's always a good idea to read the description. 17 00:01:17,040 --> 00:01:23,940 This is the only hint that we're going to get in this virtual machine. In the previous section, when we tried 18 00:01:23,940 --> 00:01:24,960 and solved the Bandit, 19 00:01:24,960 --> 00:01:31,110 we had a lot of tips, a lot of briefs, a lot of descriptions, but this is the only one that we're 20 00:01:31,120 --> 00:01:33,120 ever going to get, OK? 21 00:01:33,730 --> 00:01:38,440 And it only says that we're going to get the root. 
22 00:01:38,550 --> 00:01:45,970 OK, so there are three flags, so flag one, flag two and the root.txt, and we're going to find them. 23 00:01:46,110 --> 00:01:48,430 So this is the essence of capturing the flag. 24 00:01:48,480 --> 00:01:54,300 OK, we're going to capture those flags and this is kind of an intermediate level machine. 25 00:01:54,990 --> 00:02:00,810 So anyway, as you can see, there isn't too much hint over here. 26 00:02:00,820 --> 00:02:03,400 Just follow your intuitions and enumerate. 27 00:02:03,900 --> 00:02:05,580 So this is about the enumeration. 28 00:02:05,670 --> 00:02:10,500 And there is a logic that we solve all of those CTFs during the course. 29 00:02:10,680 --> 00:02:16,290 So we're going to start with this thing and we're going to move on to other things where we focus on 30 00:02:16,290 --> 00:02:19,170 other areas rather than enumeration. 31 00:02:19,350 --> 00:02:22,340 OK, so download this OVA. 32 00:02:22,500 --> 00:02:29,520 Of course, I downloaded it in order not to make you wait, and read the descriptions and then you can 33 00:02:29,790 --> 00:02:31,640 run it on your VirtualBox. 34 00:02:31,650 --> 00:02:33,300 I'm going to show you how to install it. 35 00:02:33,630 --> 00:02:39,540 Once you download the OVA, you're going to have to double click on it and just import it as it is. 36 00:02:39,570 --> 00:02:43,040 OK, we can change the settings later on. 37 00:02:43,710 --> 00:02:45,330 Just make sure you import it. 38 00:02:45,880 --> 00:02:52,680 Of course, if you're using something else than VirtualBox, like VMware, you're going to have to 39 00:02:52,710 --> 00:02:57,900 make sure that you find a way to import your OVA into VMware, but 40 00:02:57,900 --> 00:03:01,890 I believe this machine is specifically built for VirtualBox. 41 00:03:02,020 --> 00:03:05,720 So since VirtualBox is free, you can download it and use it anyway. 
42 00:03:06,060 --> 00:03:12,900 So make sure this is Linux and Debian 64 bit and for the RAM, I'm going to live with it. 43 00:03:12,900 --> 00:03:17,670 Visnjic OK, with your memory, we're not even going to need that. 44 00:03:17,670 --> 00:03:20,040 So let me just go over here. 45 00:03:20,310 --> 00:03:21,630 Network is important. 46 00:03:21,750 --> 00:03:28,530 I'm going to make it into the NAT Network, OK, because that's where my Kali operates, that's where my 47 00:03:28,530 --> 00:03:29,400 Kali operates. 48 00:03:29,610 --> 00:03:32,730 I'm going to make the promiscuous mode Allow All. 49 00:03:33,360 --> 00:03:34,830 And here you go. 50 00:03:34,830 --> 00:03:37,350 My Kali is working on the NAT Network. 51 00:03:37,650 --> 00:03:39,000 Please be aware of that. 52 00:03:39,000 --> 00:03:42,480 It's very important they have to connect with each other. 53 00:03:42,720 --> 00:03:47,850 So make sure you put them both on the same NAT Network. 54 00:03:48,090 --> 00:03:54,240 OK, of course, if you're working with some other network like NAT or Bridged Adapter, it's fine, 55 00:03:54,240 --> 00:03:57,680 just make sure they actually communicate with each other. 56 00:03:58,140 --> 00:03:59,010 So here you go. 57 00:03:59,010 --> 00:04:00,660 This is our Wakanda machine. 58 00:04:00,660 --> 00:04:05,490 And as you can see, it asks for a login, but we don't know how to log in over here. 59 00:04:05,490 --> 00:04:07,170 We don't have a hint on that. 60 00:04:07,560 --> 00:04:12,470 We are just going to have to just this to the Kali Linux. 61 00:04:13,230 --> 00:04:14,940 So I'm going to open my Kali Linux. 62 00:04:15,360 --> 00:04:23,910 And I believe we don't even know the IP address of that machine yet, but we can just do a netdiscover 63 00:04:23,910 --> 00:04:27,570 or nmap in order to get the IP of the target machine. 64 00:04:28,020 --> 00:04:29,910 So let me just run 65 00:04:29,910 --> 00:04:30,810 ifconfig. 
66 00:04:31,140 --> 00:04:31,910 Here you go. 67 00:04:32,040 --> 00:04:38,810 We're on 10.0.2.4, so I'm going to run netdiscover with the range of 10.0.2.0 slash 68 00:04:38,910 --> 00:04:39,660 24. 69 00:04:40,320 --> 00:04:42,840 So I believe you know how to do this stuff. 70 00:04:42,990 --> 00:04:49,020 OK, how to get the IP from like in an internal network. 71 00:04:49,650 --> 00:04:56,280 And if your netdiscover doesn't work, you can always go with nmap as well. 72 00:04:56,580 --> 00:04:59,430 You can run nmap with a range like this. 73 00:04:59,430 --> 00:05:00,030 OK. 74 00:05:00,380 --> 00:05:05,390 I created in the netdiscover, just make sure you get the IP address of the target machine. 75 00:05:05,420 --> 00:05:06,610 That's where we start, right? 76 00:05:06,620 --> 00:05:09,500 We're gaining information over here. 77 00:05:09,500 --> 00:05:14,140 We're gathering information and we're just going to enumerate a little bit. 78 00:05:14,150 --> 00:05:20,090 We're going to go into the active scan, which is that basically later on. 79 00:05:20,600 --> 00:05:24,380 But we're going to have to see the IP address of the target machine. 80 00:05:24,380 --> 00:05:25,200 And here we are. 81 00:05:25,580 --> 00:05:30,860 So 10.0.2.14, I believe, we are on 10.0.2. 82 00:05:30,860 --> 00:05:31,130 4. 83 00:05:31,130 --> 00:05:33,800 So 10.0.2.14 must be the target machine. 84 00:05:33,800 --> 00:05:37,550 And as you can see, we already see the open ports over here. 85 00:05:38,000 --> 00:05:41,450 And netdiscover isn't even complete yet. 86 00:05:41,450 --> 00:05:48,320 But we can always get the IP from here anyway. Our path is clear. 87 00:05:48,320 --> 00:05:52,880 I believe we're going to have to run an nmap scan against this 10.0.2.14. 88 00:05:53,150 --> 00:05:55,240 So I'm going to open a new tab over here. 
89 00:05:55,610 --> 00:06:00,680 You can run an nmap scan or you can just use Zenmap, whichever you want. 90 00:06:00,880 --> 00:06:02,930 OK, so I'm going to go for nmap. 91 00:06:03,200 --> 00:06:06,170 I'm going to go for the service over here. 92 00:06:06,170 --> 00:06:16,430 So -sV, OK, and if you have a favorite nmap scan, you can always go for that and see if you get 93 00:06:16,430 --> 00:06:18,380 the appropriate result back. 94 00:06:18,720 --> 00:06:22,610 I'm going to search for all ports, 10.0.2.14. 95 00:06:22,820 --> 00:06:25,970 So remember this -p- stands for all ports. 96 00:06:26,930 --> 00:06:32,330 So I'm just going to see if we have like any other open ports rather than this. 97 00:06:32,750 --> 00:06:41,810 And yeah, I believe we can't use the first scan over here, so I'm going to just make it a so here 98 00:06:41,810 --> 00:06:42,230 you go. 99 00:06:42,230 --> 00:06:45,980 Now, we started nmap against 10.0.2.14. 100 00:06:45,980 --> 00:06:47,990 Of course, it's going to take some time. 101 00:06:48,440 --> 00:06:49,220 If you want, 102 00:06:49,220 --> 00:06:50,720 you can always pause this. 103 00:06:50,720 --> 00:06:51,470 And here you go. 104 00:06:51,470 --> 00:06:56,750 We have the netdiscover scan results back in here as well. 105 00:06:56,990 --> 00:07:01,070 So 10.0.2.14 is the target. 106 00:07:01,280 --> 00:07:03,950 And we can see the MAC address over here. 107 00:07:04,310 --> 00:07:06,350 You can go for Zenmap if you want. 108 00:07:06,350 --> 00:07:12,410 As I said before, you can just choose the intense scan or any other scan profiles from here and 109 00:07:12,410 --> 00:07:15,170 you can see the command over there. 110 00:07:15,380 --> 00:07:17,060 And that is just a GUI. 111 00:07:17,060 --> 00:07:21,860 So as Zenmap is just a GUI, you can always run nmap from your terminal. 112 00:07:22,400 --> 00:07:23,540 Here you go. 
113 00:07:23,540 --> 00:07:31,580 So we have various ports over here, which is surprising. 114 00:07:31,820 --> 00:07:38,870 Oh no, not surprising because we have already seen the 80, 111 and 3333 115 00:07:38,870 --> 00:07:39,680 over here. 116 00:07:40,580 --> 00:07:45,320 I believe we have an extra one, but we get to take a look at all of those things. 117 00:07:45,410 --> 00:07:45,920 Right. 118 00:07:46,640 --> 00:07:53,240 So the important thing is we have the result back and we have the services and stuff. 119 00:07:53,750 --> 00:07:57,170 So other important thing is make note of that. 120 00:07:57,380 --> 00:07:59,690 So I'm going to go into my documents. 121 00:07:59,990 --> 00:08:07,070 I'm just going to go into my folder and I'm going to create a new kind of folder over here, which is 122 00:08:07,070 --> 00:08:10,970 where we're going to save all the notes regarding the CTF. 123 00:08:11,480 --> 00:08:19,790 So I'm going to create a new note text, note file over here, like, no, that's OK with nano. 124 00:08:19,940 --> 00:08:26,390 And I'm going to copy and paste the nmap scan results over there so that if we just close this terminal 125 00:08:26,390 --> 00:08:29,840 by mistake, we can always go back and see what it was. 126 00:08:30,350 --> 00:08:34,150 So I'm going to paste over here like that. 127 00:08:34,580 --> 00:08:35,540 So here you go. 128 00:08:35,540 --> 00:08:37,400 Now we have the nmap scan result. 129 00:08:37,640 --> 00:08:41,530 I'm going to say Ctrl+O, Enter, Ctrl+X, now it's saved. 130 00:08:42,060 --> 00:08:42,680 Great. 131 00:08:42,680 --> 00:08:47,870 Now, if I cat this out, we can see the nmap result every time we do that. 132 00:08:48,500 --> 00:08:50,540 So far, so good. 133 00:08:50,960 --> 00:08:53,390 So I believe this was the first step. 134 00:08:53,400 --> 00:09:00,890 Now you're ready to analyze the results back from nmap and make our way into this machine. 
135 00:09:00,890 --> 00:09:01,280 Right? 136 00:09:01,490 --> 00:09:04,490 So let's do that within the next lecture together.